search

Thrown / volatility

Automatically exported from code.google.com/p/volatility
GNU General Public License v2.0
0 stars 0 forks source link

Ldrmodules 2.2 - UnicodeEncodeError: 'ascii' codec can't encode character u'\u6d2c' #411

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. 2.2 standalone, run ldrmodules on XPSP3 image
2.
3.

What is the expected output? What do you see instead?

What version of the product are you using? On what operating system?
2.2 windows standalone (also tried with 2.2 vol.py). Win 7 SP1 64bit

Please provide any additional information below.

Location and Profile set in environment variables.

d:volatility-2.2.standalone.exe ldrmodules
Volatile Systems Volatility Framework 2.2
Pid      Process              Base       InLoad InInit InMem MappedPath
-------- -------------------- ---------- ------ ------ ----- ----------
       4 System               0x7c900000 False  False  False \WINDOWS\system32\ntdll.dll
    1068 smss.exe             0x48580000 True   False  True  \WINDOWS\system32\smss.exe
    1068 smss.exe             0x7c900000 True   True   True  \WINDOWS\system32\ntdll.dll
    1116 csrss.exe            0x03470000 False  False  False \WINDOWS\Fonts\sserife.fon
    1116 csrss.exe            0x038b0000 False  False  False \WINDOWS\Fonts\vgasys.fon
    1116 csrss.exe            0x77b40000 True   True   True  \WINDOWS\system32\apphelp.dll
    1116 csrss.exe            0x75b40000 True   True   True  \WINDOWS\system32\csrsrv.dll
    1116 csrss.exe            0x75b60000 True   True   True  \WINDOWS\system32\winsrv.dll
    1116 csrss.exe            0x77e70000 True   True   True  \WINDOWS\system32\rpcrt4.dll
    1116 csrss.exe            0x4a680000 True   False  True  \WINDOWS\system32\csrss.exe
    1116 csrss.exe            0x629c0000 True   True   True  \WINDOWS\system32\lpk.dll
    1116 csrss.exe            0x7e720000 True   True   True  \WINDOWS\system32\sxs.dll
Traceback (most recent call last):
  File "<string>", line 186, in <module>
  File "<string>", line 177, in main
  File "D:\Program Files\Volatility\volatility-2.2\volatility\commands.py", line 111, in execute
    func(outfd, data)
  File "C:\volatility\volatility\plugins\malware\malfind.py", line 582, in render_text
  File "D:\Program Files\Volatility\volatility-2.2\volatility\commands.py", line 201, in table_row
    result = self._elide(("{0:" + spec.to_string() + "}").format(args[index]), spec.minwidth)
UnicodeEncodeError: 'ascii' codec can't encode character u'\u6d2c' in position 
0: ordinal not in range(128)

Original issue reported on code.google.com by tonesur...@gmail.com on 18 Apr 2013 at 7:25

GoogleCodeExporter commented 8 years ago 
Hi, 

Could you please update to the latest volatility (2.3 alpha) which is available 
in the svn trunk? Let me know if the problem still persists in that code base. 
There's no standalone exe for 2.3 alpha yet, but you can use vol.py. I think we 
fixed this already, so it would be useful to know if we didn't.

Thanks!

Original comment by michael.hale@gmail.com on 18 Apr 2013 at 8:23

GoogleCodeExporter commented 8 years ago

Original comment by jamie.l...@gmail.com on 19 Apr 2013 at 11:37

GoogleCodeExporter commented 8 years ago 
Hi MHL,

I used SVN and the instructions on the source checkout page to grab a read-only 
copy. I'm assuming I got 2.3. Sorry, not too familiar with this.

At any rate, /thumbs up, ldrmodules runs without error now. So I think you've 
fixed it!

Original comment by tonesur...@gmail.com on 22 Apr 2013 at 4:44

GoogleCodeExporter commented 8 years ago 
Awesome, thanks for letting me know. Yes, when you checked out via SVN you got 
the most recent code (development version of 2.3). 

Thanks agian.

Original comment by michael.hale@gmail.com on 22 Apr 2013 at 4:49